DG INFSO external financial audits, quality assurance, whopping 30% error rate discovered in risk-based audits, overriding public interest

The request was partially successful.

Mr. Charilaos. DROSOS

Dear Communications Networks, Content and Technology (CNECT),

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

1. INTRODUCTION

I refer to the presentation ‘Ex-post controls’ made by DG INFSO senior official on 18/2/2011 at the Ombudsman Services; the Ombudsman granted full access to the presentation on 6/2/2014 pursuant to a confirmatory application under Regulation No 1049/2001 http://www.asktheeu.org/en/request/583/r....

It emerges from the presentation that DG INFSO had established specific quality control procedures for the audits (slides 17-19), and that risk-based audits (slides 28-30) have been a very special breed of ‘animal’ since a whopping error rate of 30% was discovered.

I would be obliged if DG CNECT would provide me with a copy of the documents set out below. The requested documents were drawn up from 1/1/2008 onwards and concern all successive versions of a document. The documents are indentified as precisely as possible on the basis of the presentation.

2. QUALITY ASSURANCE OF OUTSOURCED AUDITS

Slide 17 reads:
Quality Assurance – Outsourced audits
- First check(s) by partner audit firm
- Second check by auditor 02 in charge
- Third check audit supervisor 02
- Special cases – additional check S4 and PO

I would be obliged if DG CNECT would provide me with a copy of the manual, or handbook, or equivalent document(s) for:

1. The DG INFSO/CNECT imposed methodology and practice about the first checks by the audit firms

2. The second check

3. The third check

4. The checks of special cases, where the Unit S4, or its successor(s), and the project officer were also involved

It is noted that the framework contracts of DG RTD with the audit firms released under Regulation 1049/2001 do not include contractual terms about the quality control carried out by an audit firm.

3. QUALITY ASSURANCE OF DG INFSO/CNECT AUDITS

Slide 18 reads:
Quality Assurance – Audits with own resources
- Minimum two auditors 02 in audit team
- Second check by supervisor 02
- Third check by HoU
- Special cases – additional check S4 and PO

I would be obliged if DG CNECT would provide me with a copy of the manual, or handbook, or equivalent document(s) for:

5. First check by the two O2 Unit auditors

6. The second check

7. The third check

8. The checks of special cases, where the Unit S4, or its successor(s), and the project officer were also involved

4. RISK-BASED AUDITS

Slide 28 reads:
Risk-based audits
- Oriented toward the detection and correction of intentional overclaims
- Aims to be highly selective and effective
- Special procedures for data-gathering, risk-assessment and auditing
- Strong cooperation with OLAF

I would be obliged if DG CNECT would provide me with a copy of the manual, or handbook, or equivalent document(s) for:

9. The identification of contractors/beneficiaries having a high risk as regards ‘intentional overclaims’

10. The special procedures for data gathering, especially in view of the content of the first 3 bullets of slide #29

5. EXCEPTIONS OF ARTICLE 4 OF REGULATION 1049/2001

The requested documents under #1 to #8 are solely about quality assurance and not about the conduct of the audit itself. They are also general-purpose, abstract documents. Due to their nature, their full disclosure cannot have the effect of compromising future audits, not even to the slightest extent. Therefore, no exception of article 4 is applicable.

6. OVERRIDING PUBLIC INTEREST

The documents under #9 concern the identification of auditees. Given that slide #30 reveals a whopping 30% error rate discovered in risk-based audits, it follows that DG INFSO had been extremely successful in identifying the high-risk beneficiaries/contractors, and the that error rate itself is extraordinarily high. An error rate at level of 30% suggests either overclaims bordering fraud, or something terribly wrong with the audit itself, or both.

In either case, such a whopping error rate shows a serious deficiency on the part of DG INFSO, because DG INFSO ought to have caught the risky beneficiaries/contractors at the proposal evaluation phase, or at the negotiations phase at the latest. The mere fact that so many beneficiaries/contractors have passed those phases – yet risk-based audits found something of a rather systematic nature – shows that either something was very wrong at these two phases, or the risk-based audits had themselves been on the verge of an extreme heavy-handiness and unfairness, or both. In any event, this line of reasoning gives rise to the need of a thorough scrutiny of the audit methods.

Turning to documents #10 and the content of the first 3 bullets of slide #29, it is highly questionable to what extent DG INFSO/CNECT were lawfully entitled to collect personal data of third parties.

The overriding public interest is to scrutinise:

(i) To what extent the quality assurance reaffirmed the objectivity, fairness, and above all the legality of the audit, as opposed a mere rubber-stamping of the audit findings, which would be useful in the event the Commissioner or other supervising authorities raised some questions.

(ii) The legality of the risk-based audits and whether the whopping 30% error rate is an objective finding, or a mere reflection of the audit Unit own ideas about the contractual and legal obligations of the beneficiaries/contractors.

Finally, it is pointed out that according to the case law of the EU Courts an Institution is obliged to examine whether there is an overriding public interest for granting access, even if an applicant has been silent about it. Consequently, DG CNECT is obliged to impartially and objectively consider this aspect of the application, duly taking into account the above specific reasoning.

Yours faithfully,

Mr. Charilaos DROSOS

Communications Networks, Content and Technology

Dear Sir,

Thank you for your email dated 20/02/2014.

We hereby acknowledge receipt of your application for access to documents, which was registered on 20/02/2014 under reference number GestDem 2014/962.

In accordance with Regulation (EC) No 1049/2001 regarding public access to European Parliament, Council and Commission documents, your application will be handled within 15 working days.

The time limit will expire on 13/03/2014. In case this time limit needs to be extended, you will be informed in due course.

Yours faithfully,

Carlos Remis
SG.B.4.
Transparence.
Berl. 05/329.

-----Original Message-----
From: Mr. Charilaos. DROSOS [mailto:[FOI #1206 email]]
Sent: Thursday, February 20, 2014 2:14 PM
To: SG ACCES DOCUMENTS
Subject: access to information request - DG INFSO external financial audits, quality assurance, whopping 30% error rate discovered in risk-based audits, overriding public interest

Dear Communications Networks, Content and Technology (CNECT),

Under the right of access to documents in the EU treaties, as developed in Regulation 1049/2001, I am requesting documents which contain the following information:

1. INTRODUCTION

I refer to the presentation ‘Ex-post controls’ made by DG INFSO senior official on 18/2/2011 at the Ombudsman Services; the Ombudsman granted full access to the presentation on 6/2/2014 pursuant to a confirmatory application under Regulation No 1049/2001 http://www.asktheeu.org/en/request/583/r....

It emerges from the presentation that DG INFSO had established specific quality control procedures for the audits (slides 17-19), and that risk-based audits (slides 28-30) have been a very special breed of ‘animal’ since a whopping error rate of 30% was discovered.

I would be obliged if DG CNECT would provide me with a copy of the documents set out below. The requested documents were drawn up from 1/1/2008 onwards and concern all successive versions of a document. The documents are indentified as precisely as possible on the basis of the presentation.

2. QUALITY ASSURANCE OF OUTSOURCED AUDITS

Slide 17 reads:
Quality Assurance – Outsourced audits
- First check(s) by partner audit firm
- Second check by auditor 02 in charge
- Third check audit supervisor 02
- Special cases – additional check S4 and PO

I would be obliged if DG CNECT would provide me with a copy of the manual, or handbook, or equivalent document(s) for:

1. The DG INFSO/CNECT imposed methodology and practice about the first checks by the audit firms

2. The second check

3. The third check

4. The checks of special cases, where the Unit S4, or its successor(s), and the project officer were also involved

It is noted that the framework contracts of DG RTD with the audit firms released under Regulation 1049/2001 do not include contractual terms about the quality control carried out by an audit firm.

3. QUALITY ASSURANCE OF DG INFSO/CNECT AUDITS

Slide 18 reads:
Quality Assurance – Audits with own resources
- Minimum two auditors 02 in audit team
- Second check by supervisor 02
- Third check by HoU
- Special cases – additional check S4 and PO

I would be obliged if DG CNECT would provide me with a copy of the manual, or handbook, or equivalent document(s) for:

5. First check by the two O2 Unit auditors

6. The second check

7. The third check

8. The checks of special cases, where the Unit S4, or its successor(s), and the project officer were also involved

4. RISK-BASED AUDITS

Slide 28 reads:
Risk-based audits
- Oriented toward the detection and correction of intentional overclaims
- Aims to be highly selective and effective
- Special procedures for data-gathering, risk-assessment and auditing
- Strong cooperation with OLAF

I would be obliged if DG CNECT would provide me with a copy of the manual, or handbook, or equivalent document(s) for:

9. The identification of contractors/beneficiaries having a high risk as regards ‘intentional overclaims’

10. The special procedures for data gathering, especially in view of the content of the first 3 bullets of slide #29

5. EXCEPTIONS OF ARTICLE 4 OF REGULATION 1049/2001

The requested documents under #1 to #8 are solely about quality assurance and not about the conduct of the audit itself. They are also general-purpose, abstract documents. Due to their nature, their full disclosure cannot have the effect of compromising future audits, not even to the slightest extent. Therefore, no exception of article 4 is applicable.

6. OVERRIDING PUBLIC INTEREST

The documents under #9 concern the identification of auditees. Given that slide #30 reveals a whopping 30% error rate discovered in risk-based audits, it follows that DG INFSO had been extremely successful in identifying the high-risk beneficiaries/contractors, and the that error rate itself is extraordinarily high. An error rate at level of 30% suggests either overclaims bordering fraud, or something terribly wrong with the audit itself, or both.

In either case, such a whopping error rate shows a serious deficiency on the part of DG INFSO, because DG INFSO ought to have caught the risky beneficiaries/contractors at the proposal evaluation phase, or at the negotiations phase at the latest. The mere fact that so many beneficiaries/contractors have passed those phases – yet risk-based audits found something of a rather systematic nature – shows that either something was very wrong at these two phases, or the risk-based audits had themselves been on the verge of an extreme heavy-handiness and unfairness, or both. In any event, this line of reasoning gives rise to the need of a thorough scrutiny of the audit methods.

Turning to documents #10 and the content of the first 3 bullets of slide #29, it is highly questionable to what extent DG INFSO/CNECT were lawfully entitled to collect personal data of third parties.

The overriding public interest is to scrutinise:

(i) To what extent the quality assurance reaffirmed the objectivity, fairness, and above all the legality of the audit, as opposed a mere rubber-stamping of the audit findings, which would be useful in the event the Commissioner or other supervising authorities raised some questions.

(ii) The legality of the risk-based audits and whether the whopping 30% error rate is an objective finding, or a mere reflection of the audit Unit own ideas about the contractual and legal obligations of the beneficiaries/contractors.

Finally, it is pointed out that according to the case law of the EU Courts an Institution is obliged to examine whether there is an overriding public interest for granting access, even if an applicant has been silent about it. Consequently, DG CNECT is obliged to impartially and objectively consider this aspect of the application, duly taking into account the above specific reasoning.

Yours faithfully,

Mr. Charilaos DROSOS

-------------------------------------------------------------------

This is a request for access to information under Article 15 of the TFEU and, where applicable, Regulation 1049/2001 which has been sent via the AsktheEU.org website.

Please kindly use this email address for all replies to this request: [FOI #1206 email]

If [DG CONNECT request email] is the wrong address for information requests to Communications Networks, Content and Technology (CNECT), please tell the AsktheEU.org team on email [email address]

This message and all replies from Communications Networks, Content and Technology (CNECT) will be published on the AsktheEU.org website. For more information see our dedicated page for EU public officials at http://www.asktheeu.org/en/help/officers

-------------------------------------------------------------------

hide quoted sections

EC ARES NOREPLY, Communications Networks, Content and Technology

1 Attachment

Dear Sir,

Please find attached document Ares(2014)573786 regarding "Your application for access to documents – Ref GestDem No 2014/962 - extension of the deadline." sent by Ms ENGELBOSCH Katleen on 04/03/2014.

Kind regards.

-------------------------------------------------------------------------------------------------------------
Note: This e-mail was automatically generated by the European Commission's central mail registration system.
Replies by e-mail must be addressed to the original sender ENGELBOSCH Katleen (mailto:[email address]).
Remarque : Cet e-mail a été généré automatiquement par le système d'enregistrement central du courrier de la Commission européenne.
Toute réponse éventuelle par e-mail doit être adressée à l'expéditeur en personne, à savoir ENGELBOSCH Katleen (mailto:[email address]).

Mr. Charilaos. DROSOS

Dear Communications Networks, Content and Technology (CNECT),

Referring to the application under reference number GESTDEM 2014/962 and the letter ARES(2014) 573786, this is a kind reminder that the initial reply is overdue since the 7th of April 2014.

Yours faithfully,

Mr. Charilaos. DROSOS

EC ARES NOREPLY, Communications Networks, Content and Technology

4 Attachments

Dear Sir,

Please find attached document Ares(2014)1132238 regarding "Your application for access to documents – Ref GestDem No 2014/962 under Regulation 1049/2011 regarding public access to European Parliament, Council and Commission documents" sent by Mr Madelin Robert on 10/04/2014.

Kind regards.

-------------------------------------------------------------------------------------------------------------
Note: This e-mail was automatically generated by the European Commission's central mail registration system.
Replies by e-mail must be addressed to the original sender Madelin Robert (mailto:[email address]).
Remarque : Cet e-mail a été généré automatiquement par le système d'enregistrement central du courrier de la Commission européenne.
Toute réponse éventuelle par e-mail doit être adressée à l'expéditeur en personne, à savoir Madelin Robert (mailto:[email address]).